ESRI (UK) LIMITED

Esri UK Map and Data Services

Online maps for use in your Esri Geographic Information System (GIS).
Includes free GB Basemaps built from Ordnance Survey OpenData™ and premium data services which include Ordnance Survey MasterMap data and the Land Registry Polygon Service. Delivered as Data as a Service (DaaS) to Public Service Mapping Agreement (PSMA) customers.

Features

  • Ready to use across the ArcGIS Platform
  • Automatically updated services
  • Free and premium services
  • GB services in British National Grid
  • Integrate with external data and ArcGIS Online
  • Scalable mapping services over Esri Geoservices REST API/OGC WMTS
  • Public Sector Mapping Agreement (PSMA) bundled services including MasterMap
  • Land Registry Polygon service including enriched attribution
  • Basemaps can be added directly to ArcGIS Online Basemap gallery

Benefits

  • Cost-effective: GIS data without expanding on-premise infrastructure
  • Scalability: Meet short term demand for mapping and addressing data
  • Resilience: Leverage the cloud for resilience
  • Cost: Remove the cost of having to update your data
  • Flexibility: Choose from a wide range of products and services
  • Agile: Instantly get your data and mapping
  • Knowledge: Find where your assets and information are
  • Experience: Benefit from Esri UK’s cartographic knowledge
  • Localisation: British look and feel to your application
  • Cost: Use the free services to reduce project cost

Pricing

£1137 per licence per year

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

1 4 0 9 0 6 9 2 0 4 0 5 7 2 0

Contact

ESRI (UK) LIMITED

Clare Bean

01296 745500

info@esriuk.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Esri UK Map and Data Services can be used in conjunction with many other software services such as "ArcGIS in the Cloud" and "ArcGIS Online"
Cloud deployment model
Public cloud
Service constraints
Please see the Terms and Conditions document
System requirements
  • A standard broadband internet connection
  • Modern web browser: Safari, Firefox, Chrome, Edge, Internet Explorer 11
  • Compatibility view not supported
  • Minimum term 12 months (30 day trial also available)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Target response times:
P1 - 2 hours - System inoperable. No users can run application.
P2 - 4 hours - Critical component inoperable preventing “full production” use of system although other areas of system can be used.
P3 - 8 hours - Elements of system not providing the functionality as expected or intermittent failures in system processing. In all cases, system can be used for “full production”.
P4 - 16 hours - Problem does not impact use or productivity of system but is frustrating to use, or there is an error in documentation.

09:00-17:30 GMT Monday-Friday excluding English Bank Holidays
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Please see the Esri UK Standard Support Policy in the Terms and Conditions document
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Esri UK sales, contactable at sales@esriuk.com, will handle order processing, account creation and set-up, account management and billing functions for your ArcGIS Online Subscription. User instructions, Help and extensive tutorial videos are available online.
Service documentation
Yes
Documentation formats
  • HTML
  • Other
Other documentation formats
Video
End-of-contract data extraction
Data can be easily downloaded as CSV or Shapefile using the tools within ArcGIS Online. All uploaded data and generated data will be available for extraction.
End-of-contract process
All user content (data and maps) can be downloaded by permitted users from their user-specific content repository. Maps and layers created by users and uploaded to ArcGIS Online may be made “private” or deleted. Administrators may remove the accounts of users who are registered as members of their organisation. At least one Administrator account must be maintained whilst a subscription is active. Further information on administering an organisation is published online.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None
Service interface
Yes
Description of service interface
The customer accesses the service using a standard Web Browser as described in the Service Definition.
Accessibility standards
None or don’t know
Description of accessibility
We have an ongoing commitment to accessibility and are WCAG 2.0 AA, compliant with minor issues.
Accessibility testing
We test all our service interfaces with users of assistive technology, using the Voluntary Product Accessibility Template.
API
Yes
What users can and can't do using the API
All features of the service are available via API
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Web Application Templates used to access the service can be configured with customer's individual logos, colour schemes etc. Some templates are fully configurable to allow complete control of what functions you wish to make available to users.

Scaling

Independence of resources
ArcGIS Online is designed from the ground up to be a completely scalable and elastic multi-tenancy service. It currently has over 1 million users and serves 1 billion maps per day. It utilizes the capacity of two major cloud infrastructure providers to meet customer demands. Each cloud provider offers SLAs for their infrastructure - Esri provides an SLA for ArcGIS Online.

Analytics

Service usage metrics
Yes
Metrics types
Current and historical health information of ArcGIS Online is available at http://status.arcgis.com/. In addition, detailed information is available on the subscriber’s ArcGIS Online account in the activity dashboard. This includes information on user activity, popular and unpopular content, and geographical extents of items.
Reporting types
  • API access
  • Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
EU-US Privacy Shield agreement locations
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data can be easily downloaded as CSV or Shapefile using the tools within ArcGIS Online. All uploaded data and generated data will be available for extraction.
Data export formats
  • CSV
  • Other
Other data export formats
  • Shapefile
  • File Geodatabase
Data import formats
  • CSV
  • Other
Other data import formats
  • Shapefile
  • File Geodatabase

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Esri uses commercially reasonable efforts to make the data, services and software hosted by Esri ArcGIS Online available with a quarterly uptime percentage of 99.9% as further detailed in Esri’s ArcGIS Online Service Level Agreement (SLA).
Approach to resilience
ArcGIS Online has a full Continunity Plan designed in alignment with FISMA securiy control requirements. ArcGIS Online cloud Infrastructure providers ensure their business continuity plans align with ISO 27001 standards.
Outage reporting
General site information for ArcGIS Online is available via the Status page of the Trust.ArcGIS.com website. Informaiton about customer specific incidents can be viewed via the MyEsri Support portal.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Access to information systems audit tools are restricted to authorized personnel within ArcGIS Online. Access to information system diagnostic and configuration ports is restricted to authorized personnel within ArcGIS Online.
Access restriction testing frequency
At least every 6 months
Management access authentication
Other
Description of management access authentication
Less than 10 ArcGIS Online Administrators are responsible for managing ArcGIS instances and connect using X.509 certificates.

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • FISMA Low
  • FedRAMP
  • SSAE16 SOC1 Type 2

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • Other
Other security governance standards
ArcGIS Online has been granted FISMA (Federal Agency Production System Security Accreditation) Low Authority to Operate. FISMA Low controls align with NIST Special Publication 800-53 which maps to ISO controls. 
ArcGIS Online uses cloud infrastructure providers compliant with ISO 27001, FedRAMP and SSAE16 SOC1 Type 2.
Information security policies and processes
As part of the overall FISMA accreditation, baseline security requirements are constantly being reviewed, improved and implemented as part of a Continuous Monitoring Program.
ArcGIS Online's ISMP is based upon NIST standards as part of FISMA accreditation. A mapping of FISMA security controls to ISO 27001 controls is available in NIST Special Publication 800-53 , Appendix H. Cloud infrastructure providers implement ISO 27001 certified ISMP's.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Esri maintains separate non-production systems for testing and validating new development and systems infrastructure capabilities as outlined in the internal ArcGIS Online Configuration Management Plan, aligning with FISMA Low requirements.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Cloud infrastructure providers virtualization technologies are regularly evaluated internally and by independent assessments. A number of key security parameters are monitored to identify potentially malicious activity on the systems which includes the use anti-malware software on systems accepting customer datasets/information. Cloud infrastructure provider anti-virus controls align with ISO 27001 requirements. ArcGIS Online releases which include patches and bug fixes are performed quarterly. If security vulnerabilities are found or reported, they are assessed by security staff. Any vulnerabilities that have an assessed risk of high or critical are patched immediately outside of normal patching routines.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Cloud infrastructure providers virtualization technologies are regularly evaluated internally and by independent assessments. A number of key security parameters are monitored to identify potentially malicious activity on the systems which includes the use anti-malware software on systems accepting customer datasets/information. Cloud infrastructure provider anti-virus controls align with ISO 27001 requirements. ArcGIS Online releases which include patches and bug fixes are performed quarterly. If security vulnerabilities are found or reported, they are assessed by security staff. Any vulnerabilities that have an assessed risk of high or critical are patched immediately outside of normal patching routines.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incident management is delineated within ArcGIS Online's Incident Response Plan documentation aligning with FISMA requirements.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1137 per licence per year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Return to top ↑